iPhoneDevSDK, a popular website for iOS programming, confirmed it was the source of the malware that infected computers at Facebook, Apple and others. The website claims it was malicious JavaScript code that was vector for the infection

What we’ve learned is that it appears a single administrator account was compromised. The hackers used this account to modify our theme and inject JavaScript into our site. That JavaScript appears to have used a sophisticated, previously unknown exploit to hack into certain user’s computers.

The website has reset all passwords on the site and is working with both law enforcement and the hacked companies to identify the person or the group behind this attack.